Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum

Author Topic: [SOLVED]Unattended Upgrades and how to make them work in Sparky  (Read 312 times)

Offline bin

  • Jr. Member
  • **
  • Posts: 55
  • Karma: 1
[SOLVED]Unattended Upgrades and how to make them work in Sparky
« on: October 15, 2020, 01:56:05 pm »
If you want to use unattended-upgrades with Sparkylinux there's a couple of extra hoops you have to jump through compared with any other linux distro.

I've been using u/a for years on other distros, both Debian and Ubuntu, and apart from configuring the repository information and setting the timers it has always just worked.

With Sparky that was not the case.

Just to fill in the details, u/a relies on 2 systemd timer files for making it run, a config file for the repo information together with the apt daily service.

The timers are apt-daily.timer and apt-daily-upgrade.timer
The function of apt-daily.timer is to run the equivalent of sudo apt update
The function of apt-daily-upgrade.timer is to run sudo apt upgrade
The config file is 50unattended-upgrades
The service is apt-daily.service

What I found with Sparky is that the upgrade was running, but the update was not - so it never pulled in the list of new packages.

Create required symlink:-
For the timers to run the files have symlinks in different locations and the symlink for apt-daily.timer is not in the correct location in /etc/systemd/system/
So, the equivalent of apt get update never happens.

So, to get it all running smoothly:-
Code: [Select]
sudo apt purge unattended-upgrades
sudo apt install unattended-upgrades

Remove masking symlink:-
There is a symlink for apt-daily.service in /etc/systemd/system/ pointing to dev>null which I remove.

Create required symlink:-
In /etc/systemd/system/ I create a symlink to /lib/systemd/system/apt-daily.timer

Edit timers - I prefer to edit the main files in /lib/..... but you can use systemctl edit:-

Code: [Select]
sudo systemctl edit apt-daily.timer
This creates /etc/systemd/system/apt-daily.timer.d/override.conf which you can then edit to provide the same info.

Modify apt-daily.timer to run after boot:-
I edit /lib/...apt-daily.timer to read:-
Code: [Select]
Description=Daily apt download activities

#OnCalendar=*-*-* 6,18:00

This runs 5 minutes after boot.

Modify apt-daily-upgrade.timer to run on boot - after apt-daily.timer
I edit apt-daily-upgrade.timer:-
Code: [Select]
Description=Daily apt upgrade and clean activities

#OnCalendar=*-*-* 6:00


This runs 10 minutes after apt-daily.timer

Configure sources for upgrades:-
Edit /etc/apt/apt.conf.d/50unattended-upgrades.
I edit the Origins section as follows:-

Code: [Select]
Unattended-Upgrade::Origins-Pattern {
        // Codename based matching:
        // This will follow the migration of a release through different
        // archives (e.g. from testing to stable and later oldstable).
        // Software will be the latest available for the named release,
        // but the Debian release itself will not be automatically upgraded.
//      "origin=Debian,codename=${distro_codename}-updates";
//      "origin=Debian,codename=${distro_codename}-proposed-updates";
//      "origin=Debian,codename=${distro_codename},label=Debian";
//      "origin=Debian,codename=${distro_codename},label=Debian-Security";

        // Archive or Suite based matching:
        // Note that this will silently match a different release after
        // migration to the specified archive (e.g. testing becomes the
        // new stable).

        "o=Unofficial Multimedia Packages,n=buster";
        "o=Google LLC,a=stable";
//      "o=Debian Backports,a=buster-backports";

// Python regular expressions, matching packages to exclude from upgrading
Unattended-Upgrade::Package-Blacklist {
    // The following matches all packages starting with linux-
//  "linux-";
The above values can be derived from running
Code: [Select]
sudo apt-policy > policy.txt and working through that file.

20auto-upgrades should already look like this:-
Code: [Select]
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

You can amend the "1" to "always"
This will then allow you to run it as often as you like by configuring the timers above to run on minutes or hours.

Once you've done this you can then reboot and all will be well.
You can check what is happening using - below is from my system after reboot/next day

Code: [Select]
robin@flopsy:~$ sudo systemctl status apt-daily-upgrade.service
● apt-daily-upgrade.service - Daily apt upgrade and clean activities
   Loaded: loaded (/lib/systemd/system/apt-daily-upgrade.service; static; vendor preset: enabled)
   Active: inactive (dead) since Thu 2020-10-15 05:58:25 BST; 4h 24min ago
     Docs: man:apt(8)
  Process: 2771 ExecStartPre=/usr/lib/apt/apt-helper wait-online (code=exited, status=0/SUCCESS)
  Process: 2779 ExecStart=/usr/lib/apt/apt.systemd.daily install (code=exited, status=0/SUCCESS)
 Main PID: 2779 (code=exited, status=0/SUCCESS)

Oct 15 05:58:15 flopsy systemd[1]: Starting Daily apt upgrade and clean activities...
Oct 15 05:58:25 flopsy systemd[1]: apt-daily-upgrade.service: Succeeded.
Oct 15 05:58:25 flopsy systemd[1]: Started Daily apt upgrade and clean activities.

robin@flopsy:~$ sudo systemctl list-timers apt-daily.timer --all
NEXT                         LEFT     LAST                         PASSED       UNIT            ACTIVATES
Fri 2020-10-16 05:48:12 BST  19h left Thu 2020-10-15 05:48:12 BST  4h 34min ago apt-daily.timer apt-daily.service

1 timers listed.

robin@flopsy:~$ sudo systemctl list-timers apt-daily-upgrade.timer --all
NEXT LEFT LAST                         PASSED       UNIT                    ACTIVATES
n/a  n/a  Thu 2020-10-15 05:58:15 BST  4h 24min ago apt-daily-upgrade.timer apt-daily-upgrade.service

1 timers listed.

I hope this is of help to someone who may be struggling with why u/a does not behave as expected in Sparky. Of course Sparky has its own update tool that can be configured to run via a Cron job. Unattended Upgrades is just a different way of doing the same job but totally in background with no user intervention required.